mirror of
https://git.rtems.org/rtems-libbsd/
synced 2025-05-13 06:18:01 +08:00
0b30f38951
By default, pfkey allocates a 2MB buffer that is used for SPD entries. This size is a good choice for a server system where a lot of clients should be handled. But on our embedded systems, an application with that much clients is unlikely and 2MB is a lot of space. So reduce that to the default value of 128kB which should be enough for a small number of ipsec connections. See https://bugzilla.redhat.com/show_bug.cgi?id=607361 for more details why the upstream project originally increased the size. If someone really needs a bigger size, there is a option in the configuration file of pfkey called `pfkey_buffer` that can overwrite this value. Closes #4621
IPsec-tools =========== This package provides a way to use the native IPsec functionality in the Linux 2.6+ kernel. It works as well on NetBSD and FreeBSD. - libipsec, a PF_KEYv2 library - setkey, a tool to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon IPsec-tools were ported to Linux from the KAME project (http://www.kame.net) by Derek Atkins <derek@ihtfp.com>. Currently the package is actively maintained and developed by: Emmanuel Dreyfus <manu@netbsd.org> VANHULLEBUS Yvan <vanhu@free.fr> Matthew Grooms <mgrooms@shrew.net> Timo Teräs <timo.teras@iki.fi> Sources can be found at the IPsec-Tools home page at: http://ipsec-tools.sourceforge.net/ And CVS repository is hosted at NetBSD tree: cvs -danoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools Bug reports and project wiki is located at: https://trac.ipsec-tools.net/ Please report any problems to the mailing list: ipsec-tools-devel@lists.sourceforge.net ipsec-tools-users@lists.sourceforge.net You can also browse the list archive: http://sf.net/mailarchive/forum.php?forum_name=ipsec-tools-devel Credits: IHTFP Consulting, see http://www.ihtfp.com/ SUSE Linux AG, see http://www.suse.com/